﻿using Microsoft.Practices.EnterpriseLibrary.Data.Sql;
using System;
using System.Collections.Generic;
using System.Data;
using System.Data.Common;
using System.Data.SqlClient;
using System.Linq;
using System.Text;
using Easy.Common;

namespace Easy.DAL
{
    public class PrivilegeDAL
    {
        private readonly SqlDatabase sqldb = new SqlDatabase(Config.TulingBuyCrmConnectString);

        /// <summary>
        /// 获取数据权限（删、改、查、分派）
        /// </summary>
        /// <param name="entityName">实体名称</param>
        /// <param name="recordId">记录ID</param>
        /// <param name="systemUserId">用户ID</param>
        /// <param name="AccessRight">权限类型（1:'READ',2:'WRITE',65536:'DELETE',524288:'ASSIGN'）</param>
        /// <returns></returns>
        public bool IsHaveRight(string entityName, Guid recordId, Guid systemUserId, int AccessRight)
        {

            SqlParameter[] pams = new SqlParameter[]{
	            new SqlParameter("@EntityName",entityName),
	            new SqlParameter("@RecordId",recordId),
	            new SqlParameter("@SystemUserId",systemUserId),
	            new SqlParameter("@AccessRight",AccessRight)
            };
            DbCommand cmd = sqldb.GetStoredProcCommand("sp_IsHaveRight");
            cmd.Parameters.AddRange(pams);
            DataSet ds = sqldb.ExecuteDataSet(cmd);
            return ds.Tables[0].Rows.Count > 0;
        }
        public bool IsHaveCreateRight(string entityName, Guid currentUserId, Guid currentBusinessId, Guid owningUserId, Guid owningBusinessId)
        {

            SqlParameter[] pams = new SqlParameter[]{
	            new SqlParameter("@EntityName",entityName),
	            new SqlParameter("@CurrentUserId",currentUserId),
	            new SqlParameter("@CurrentBusinessId",currentBusinessId),
	            new SqlParameter("@OwningUserId",owningUserId),
	            new SqlParameter("@OwningBusinessId",owningBusinessId)
            };
            DbCommand cmd = sqldb.GetStoredProcCommand("sp_IsHaveCreateRight");
            cmd.Parameters.AddRange(pams);
            DataSet ds = sqldb.ExecuteDataSet(cmd);
            return ds.Tables[0].Rows.Count > 0;
        }

        public DataTable GetSecurityLevel(string entityName, Guid systemUserId)
        {
            string sql = string.Format(@"select P.AccessLevel,isnull(max(RP.SecurityLevel),0) as SecurityLevel
	                                    from Privialge as P with(nolock)
	                                    inner join RolePrivilageRelationship as RP with(nolock) on RP.PrivilageId=P.PrivilageId
	                                    inner join UserRoleRelationship as UR with(nolock) on UR.RoleMapId=RP.RoleId
	                                    where P.Entity=@EntityName and UR.SystemUserId=@SystemUserId
                                        group by P.AccessLevel");
            SqlParameter[] pams = new SqlParameter[]{
	            new SqlParameter("@EntityName",entityName),
	            new SqlParameter("@SystemUserId",systemUserId)
            };
            DbCommand cmd = sqldb.GetSqlStringCommand(sql);
            cmd.Parameters.AddRange(pams);
            DataTable dt = sqldb.ExecuteDataSet(cmd).Tables[0];
            return dt;
        }

        //zw
        public DataTable GetOprivilege(Guid systemUserId)
        {
            string sql = string.Format(@"select distinct f.Code 
                                        from [dbo].[UserRoleRelationship] as ur 
                                        inner join [RoleMapFunctionPrivilegeRelationship] as rf on rf.RoleMapId=ur.RoleMapId
                                        inner join [FunctionPrivilege] as f on f.FunctionPrivilegeId=rf.FunctionPrivilegeId
                                        where ur.SystemUserid=@SystemUserId");
            SqlParameter[] param = new SqlParameter[] { new SqlParameter("@SystemUserId", systemUserId) };
            DbCommand cmd = sqldb.GetSqlStringCommand(sql);
            cmd.Parameters.AddRange(param);
            DataTable dt = sqldb.ExecuteDataSet(cmd).Tables[0];
            return dt;
        }

    }
}
